[Git][security-tracker-team/security-tracker][master] 3 commits: AddCVE-2020-1712/systemd

Salvatore Bonaccorso carnil at debian.org
Wed Feb 5 09:36:47 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a1b2b1d3 by Salvatore Bonaccorso at 2020-02-05T10:22:31+01:00
AddCVE-2020-1712/systemd

- - - - -
d3ef09f2 by Salvatore Bonaccorso at 2020-02-05T10:31:03+01:00
Add upstream fixes for CVE-2020-1712/systemd

- - - - -
aa6a1494 by Salvatore Bonaccorso at 2020-02-05T10:36:14+01:00
Merge branch 'CVE-2020-1712/systemd'

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17010,8 +17010,17 @@ CVE-2020-1714
 	RESERVED
 CVE-2020-1713
 	RESERVED
-CVE-2020-1712
-	RESERVED
+CVE-2020-1712 [heap use-after-free vulnerability]
+	RESERVED
+	- systemd <unfixed>
+	NOTE: https://github.com/systemd/systemd/commit/773b1a7916bfce3aa2a21ecf534d475032e8528e (preparation)
+	NOTE: https://github.com/systemd/systemd/commit/95f82ae9d774f3508ce89dcbdd0714ef7385df59 (preparation)
+	NOTE: https://github.com/systemd/systemd/commit/7f56982289275ce84e20f0554475864953e6aaab (preparation)
+	NOTE: https://github.com/systemd/systemd/commit/f4425c72c7395ec93ae00052916a66e2f60f200b (preparation)
+	NOTE: https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54 (introduce new API)
+	NOTE: https://github.com/systemd/systemd/commit/637486261528e8aa3da9f26a4487dc254f4b7abb ((use new function to fix CVE-2020-1712)
+	NOTE: https://github.com/systemd/systemd/commit/5c1163273569809742c164260cfd9f096520cb82 (documentation)
+	NOTE: https://github.com/systemd/systemd/commit/bc130b6858327b382b07b3985cf48e2aa9016b2d (documentation)
 CVE-2020-1711 [block: iscsi: OOB heap access via an unexpected response of iSCSI Server]
 	RESERVED
 	- qemu 1:4.2-2 (bug #949731)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/3d2009fb6d799debce1e2fe7455c9aa3151996ea...aa6a149496307b2bf75ff75684f2004f1d81b262

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/3d2009fb6d799debce1e2fe7455c9aa3151996ea...aa6a149496307b2bf75ff75684f2004f1d81b262
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200205/92d634b0/attachment.html>

More information about the debian-security-tracker-commits mailing list